Date:	Wed, 3 Oct 2012 16:41:41 -0400
From:	Theodore Ts'o <tytso@....edu>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Kees Cook <kees@...flux.net>,
	Nick Bowler <nbowler@...iptictech.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Linux 3.6

On Wed, Oct 03, 2012 at 01:29:15PM -0700, Linus Torvalds wrote:
> On Wed, Oct 3, 2012 at 1:05 PM, Kees Cook <kees@...flux.net> wrote:
> >
> > 3.6 introduced link restrictions:
> 
> Hmm. If this causes problems for others, I suspect we need to turn it
> off by default.
> 
> It's a nice security thing, but considering how quickly people started
> complaining after 3.6 was out, I suspect we'll see more of these, and
> we may not have any choice.

True, although I'm not sure we should be encouraging kernel developers
to have world-writeable directories.  I suppose if it's a single-user
workstation it wouldn't matter, but you could imagine a daemon running
as "nobody" which has a stack overflow bug, and then if the user has
been careless and uses umasks so that directories in their home
directory are world writeable, well.....

Regardless of whether or not we turn this security feature off by
default, I think it's worthwhile to look at how and why Nick's
directories became world-writeable, and whether there is some distro
default which is causing or encouraging this.

					 - Ted
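As an added example (not part of Ted's message or of the kernel tree), a POSIX shell audit for the condition he describes: it lists world-writable directories under a path and flags those without the sticky bit, checks whether the current umask would create such directories, and reads the 3.6 link-restriction knobs, assumed to live at /proc/sys/fs/protected_symlinks and /proc/sys/fs/protected_hardlinks.

```shell
#!/bin/sh
# Added example, not from the message above: audit helpers for the
# world-writable-directory condition Ted describes.

# Print every world-writable directory under $1 as "<path><TAB><flag>",
# where flag is "sticky" or "NOSTICKY".  Non-sticky ones are the risky
# case: any local user, including a daemon running as "nobody", can
# rename or unlink other users' files there.
list_world_writable_dirs() {
    find "$1" -type d -perm -0002 -perm -1000 2>/dev/null |
        while IFS= read -r d; do printf '%s\tsticky\n' "$d"; done
    find "$1" -type d -perm -0002 ! -perm -1000 2>/dev/null |
        while IFS= read -r d; do printf '%s\tNOSTICKY\n' "$d"; done
}

# Number of non-sticky world-writable directories under $1.
count_nosticky_dirs() {
    list_world_writable_dirs "$1" | grep -c 'NOSTICKY$' || true
}

# Succeeds when the current umask leaves the other-write bit unmasked,
# i.e. mkdir would create world-writable directories (the "careless
# umask" case).  Looks only at the last octal digit of the umask output.
umask_allows_world_write() {
    m=$(umask)
    case "${m#"${m%?}"}" in
        2|3|6|7) return 1 ;;
        *) return 0 ;;
    esac
}

# Report the 3.6 link-restriction knobs; prints "unavailable" when the
# kernel or container does not expose them (assumed /proc/sys/fs paths).
link_restriction_status() {
    for knob in protected_symlinks protected_hardlinks; do
        f="/proc/sys/fs/$knob"
        if [ -r "$f" ]; then
            printf 'fs.%s = %s\n' "$knob" "$(cat "$f")"
        else
            printf 'fs.%s = unavailable\n' "$knob"
        fi
    done
}

# Stand-alone use: sh audit.sh /home/someuser
if [ "$#" -gt 0 ]; then
    link_restriction_status
    list_world_writable_dirs "$1"
fi
```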